Configuring the Sametime Community Server for single sign-on

After exporting the LTPA token from IBM® WebSphere® Application Server, import it to the IBM Sametime® Community Server to enable single sign-on.

About this task

For information about using IBM Sametime Community Server with Internet Sites enabled, see the Technote "Can Sametime work with Internet Sites enabled?"
Note: In this procedure, the timeout value must equal the timeout value set when you completed the procedure Preparing servers running on WebSphere Application Server for single sign-on. Ensure that you are using the correct LTPA domain.

Procedure

  1. Import the LTPA token that you exported from WebSphere Application Server:
    1. Open the names.nsf file on the IBM Domino® server for the Sametime Community Server.
    2. Click Configuration > Web > Web Configurations view.
    3. Choose the Web SSO Configuration for LtpaToken document and click Edit Document.
    4. Verify that the Configuration Name (under Token Configuration) is set to LtpaToken.
      Note: The Configuration Name, LtpaToken, is case-sensitive.
    5. Set the DNS Domain to the domain of the Sametime and WebSphere servers. The entry must begin with a leading . (dot). For example, enter .renovations.com
    6. Click Keys > Import WebSphere LTPA keys.
    7. Type the exact file location of the key file that you exported from the WebSphere-based Sametime server in the previous task.
    8. Enter the password you created on the server when you enabled single sign-on.
    9. Click OK.

      The message "Successfully imported WebSphere LTPA keys" appears after the key has been imported.

  2. Set the token format for single sign-on:
    1. In the Token Format field of the "WebSphere Information" section, set the LTPA level to match the LTPA level set in the Sametime System Console.
    2. Select LtpaToken and LtpaToken2.
    3. Set the Token Expiration value in minutes to match the timeout value set in Step 9 of the procedure Preparing servers running on WebSphere Application Server for single sign-on.
  3. Click Save and Close.
  4. Ensure that the Sametime Community Server is configured to use LTPA tokens and not the legacy Sametime tokens.
    1. Log in to the Sametime System Console as the Sametime administrator.
    2. Click Sametime Servers > Sametime Community Servers.
    3. In the list of Community Servers, click the name of a Sametime Community Server to open its Configuration page.
    4. Click the Community Services tab.
    5. In the General section, verify that the field for the authentication type that users can use while logging into the Community Server is set to LTPA only.
  5. Restart the Domino server to put your changes into effect.
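
Example (added here, not part of the IBM procedure): a pre-flight check of the values entered in steps 1 and 2, covering the case-sensitive Configuration Name, the leading-dot DNS Domain and whether each server falls inside it, the token formats, and the timeout match. The function name, dictionary keys, hostnames and the 120-minute value are assumptions made for illustration.

```python
# Added example: pre-flight check of the Web SSO Configuration values.
# Dictionary keys, function name and hostnames are hypothetical/constructed.

def check_sso_settings(cfg, server_hosts, websphere_timeout_min):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []

    # Step 1.4: the Configuration Name is case-sensitive.
    if cfg["config_name"] != "LtpaToken":
        problems.append("Configuration Name must be exactly 'LtpaToken'")

    # Step 1.5: the DNS Domain must begin with a leading dot.
    domain = cfg["dns_domain"].strip().lower()
    if not domain.startswith("."):
        problems.append("DNS Domain must begin with a leading dot")
    elif domain.count(".") < 2:
        # A single label such as ".com" would scope the token far too broadly.
        problems.append("DNS Domain %s is too broad" % domain)
    else:
        # Every server that shares the token must sit inside the domain.
        # Matching on the dotted suffix keeps "st.notrenovations.com" from
        # passing as a member of ".renovations.com".
        for host in server_hosts:
            if not host.strip().lower().rstrip(".").endswith(domain):
                problems.append("%s is outside DNS Domain %s" % (host, domain))

    # Step 2.2: both token formats are selected.
    if set(cfg["token_formats"]) != {"LtpaToken", "LtpaToken2"}:
        problems.append("Select both LtpaToken and LtpaToken2")

    # Step 2.3: Token Expiration (minutes) equals the WebSphere timeout.
    if cfg["token_expiration_min"] != websphere_timeout_min:
        problems.append("Token Expiration %s != WebSphere timeout %s"
                        % (cfg["token_expiration_min"], websphere_timeout_min))
    return problems


# Constructed sample values, not taken from a real deployment.
SAMPLE = {"config_name": "LtpaToken", "dns_domain": ".renovations.com",
          "token_formats": ["LtpaToken", "LtpaToken2"], "token_expiration_min": 120}
HOSTS = ["chat.renovations.com", "console.renovations.com"]

if __name__ == "__main__":
    for problem in check_sso_settings(SAMPLE, HOSTS, 120) or ["settings are consistent"]:
        print(problem)
```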